SSL errors are common problems encountered by thousands of internet users around the world every single day. ERR_SSL_VERSION_OR_CIPHER_MISMATCH error is also one of them. Whenever users visit a web server that uses SSL and unable to establish a secure connection the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH occurs. But you shouldn’t worry about this, you are at the right place to fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
There are some workarounds you can follow to disable this problem. In this article, we are going to discuss six different methods to fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
What is The ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error?
SSL certificate is proof that the website is safe and secure by implementing proper protocols. When a website uses an SSL certificate for your website and visitor attempts to connect, the following steps take place:
- Decryption
- A TLS handshake
- Verification of the SSL certificate with the certificate authority (CA)
If any of the steps don’t happen properly, visitors’ web browser fails to establish a secure connection with the website as a result they face the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. Usually, when the SSL certificate is outdated or too old, the protocols think that the website server is unsafe and this error message shows up. Particularly, when visitors need to provide sensitive personal information such as credit card numbers.
What Causes the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error?
The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error typically happens when a website uses an unsupported version of a protocol that has security flaws, which may be harmful to visitor’s devices. But that is not always the case. The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error can happen because of the website server-side and client-side. We will talk about the causes of this error from both sides. Let’s check out the reasons below:
Server-side issues:
- Old TLS versions – When a web server uses an old version of TLS that new web browsers no longer support.
- Certificate name mismatch – When the domain name of the SSL certificate doesn’t match the current domain name, the certificate mismatch error occurs.
- Use of RC4 Cipher Suite – RC4 cipher is no longer considered safe, so using it can create an error.
Client-side issues:
- Outdated web browsers or operating systems – use of old web browsers or operating systems may not support the latest version of TLS.
- QUIC protocol – QUIC is a Google project that acts as an alternative to common security solutions but it may become the cause of the error.
- SSL state not being updated- If your computer stores old SSL certificates it may cause the error.
- Web browser’s cache – the cached data may not match the website’s updated security measures.
- Antivirus program – Antivirus program may trigger a false alarm that results in the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
How to Fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error?
The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error fixes are different on the server-side and the client-side. We will discuss how you can fix the error if you are the site owner or visitor. So let’s go forward____
Fix the Error from the Server-side:
If your visitors are facing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error then the following step can fix the issue:
1. Check Your SSL/TLS certificate:
If you are seeing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error, checking the site’s SSL/TLS certificate is the first and easiest place to start fixing it. You can start checking your SSL/TLS certificate using the most professional free SSL test tool by Qualys SSL Labs. To start all you have to do is type the URL of your website and hit submit. It will not take more than a couple of minutes to scan your web server.
Qualys SSL Labs examines the state of your certificates and encryption then generates a report. The report highlights the sections that need attention. It will let you know if your SSL/TLS certificate is old and needs an update. It can also inform you whether your SSL/TLS certificate is valid and trusted. If you don’t want to hide results from the public, there’s also an option to hide the results.
2. Verify Certificate for Name Mismatch:
A certificate name mismatch is one of the common causes of the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. When the domain name in the SSL certificate doesn’t match the URL in the browser, the certificate name mismatch happens. The certificate name mismatch can also occur if your domain points to an old IP address where the site no longer exists or your site uses a content delivery network (CDN) that doesn’t support SSL. Moreover, if your site does not use SSL, but shares an IP address with some other site that does, it can be the cause of the certificate name mismatch.
Luckily, this is very easy and quick to diagnose and fix the certificate name mismatch. To check for certificate name mismatch you can use Google Chrome DevTools. To start right-click anywhere on the website, then click on “Inspect”. Now, go to the “Security” tab and click on “View certificate”. This will show all the required details of the certificate. If the information doesn’t match, then there is an issue with the certificate. However, the error will not allow you to let in the Chrome DevTools. That is where a tool like SSL Labs can come in handy. SSL Labs tool can diagnose certificate name mismatch pretty quickly. It’ll also provide notification regarding the mismatch. If the mismatch occurs due to an old IP address, pointing the domain name from the old IP address to the new one should fix the issue immediately.
3. Disable RC4 cipher:
RC4 cipher is an old encryption tool, which was very simple to hack and had lots of security vulnerabilities. As it’s no longer considered safe, browsers like Microsoft Edge, Google Chrome have stopped supporting it. So, if your server still uses the RC4 cipher suite, an error may occur.
Although you may still find enterprises using the RC4 cipher suite since it takes longer to process and implement changes in a complex environment. So we recommend disabling it and configuring the server to use a different cipher suite. To verify if your server is supporting it, run the scan in SSL labs, go to the Cipher Suites section to check the RC4 cipher.
4. Use the Latest Version of TLS:
Another possible reason for ERR_SSL_VERSION_OR_CIPHER_MISMATCH error can be the TLS version running on your web server. When the TLS version running on your server is old, this error can occur. Modern browsers have also stopped supporting TLS 1.0 and TLS 1.1. So for the best SSL security and performance, you should use the TLS 1.2 or TLS 1.3 protocols.
Again, the SSL Lab tool can help with this. When you run your server check-in SSL Labs, it will show you the current version of TLS running just under the configuration section. If you find your server TLS is old, reach out to your host and ask them to update their TLS version.
Fix the Error from the Client-side:
If you are getting access to a site from one of your devices but not from another one, then the problem is on your device. Perform the following task to fix the error from your device:
1. Disable The QUIC Protocol:
QUIC (Quick UDP Internet Connections) is a Google-developed protocol that makes internet browsing faster and more efficient. It sends simple data packages via User Datagram Protocol (UDP) which speeds up web browsing. It is an excellent alternative to HTTP2, TLS/SSL, and other security protocols. However, sometimes it becomes the cause of errors, including the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
Luckily, you can avoid the error by turning QUIC off. To turn it off, open the Google Chrome browser, type in chrome://flags into the address field, and search for “Experimental QUIC Protocol” in the search field. Now under the Experimental QUIC Protocol option, you will see that it’s set to “Default”. Change it from Default to Disabled, restart Chrome, and try loading the website again. If the error is still there, something else causes the issue so enable QUIC again.
2. Enable TLS 1.3:
Enabling TLS1.3 on your web browser can be another solution for ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. Most website browsers support TLS 1.3. If you did not update your browser or do not even want to, you can check the TLS version. If your Chrome version is less than 72 then you need to enable TLS1.3 on your web browser. For that, Open the Google Chrome browser, type chrome://flags in the address bar, search for TLS 1.3, and enable the option.
If you are using the Firefox browser, type about:config in the address bar. Click the button to accept the risk and search for TLS. Now, look for the security.tls.version.max option towards the bottom of the list and set the value to 4.
3. Clear SSL State in Browser:
We all know browsers save a cache of web pages to load it faster, just as the cache of websites your computer stores a cache of SSL certificates known as “SSL State”. Sometimes your computer SSL state stores old SSL certificates, which can cause ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. So just like clearing your browser’s cache can sometimes help fix errors, clearing the SSL state in the browser can do the same.
To clear the SSL state, go to Control Panel, select Network and Internet there, click on Browser Properties in it. Choose the Content tab, hit on the Clear SSL State button, and then click OK. Now restart your browser and try opening the website that you were trying to open.
4. Delete Cache and Cookies on Your Browser:
Caching is the process of storing data so that it can load your web pages faster on your next visit. But the problem occurs when the website makes changes and the cache fails to detect that. That’s the reason deleting browser cache and cookies is the first step to fixing most of the errors.
Depending on the browser, the process of deleting cache and cookies is different. Though for most browsers CTRL+SHIFT+DELETE hotkey combination deletes the cache and cookies, we prefer to do it manually.
For that, check How to Clear the Cache in Different Browsers. Remember to uncheck some options, otherwise, you will lose saved logins and all history.
5. Turn Off Antivirus Software Temporarily:
Sometimes your anti-virus software may create a layer between your browser and the web with their own certificates which can cause the cipher mismatch error. Also, the poor configuration of your anti-virus software can cause connection security problems. To be sure that the cause of this problem is your antivirus, disable your antivirus for a few minutes or for an hour. If that fixed the issue, you know what the problem was. But if you are still seeing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error, then your antivirus is not causing the issue.
Security protocols, software, and systems are evolving every day. So, it is always a good idea to update your operating system, browser, and software regularly. Also, makes sure your website is configured correctly, make sure your SSL certificate has no issues, and your hosting provider supports the latest protocols.
In this article, we have listed the most common solutions for the error. You should be able to find the cause of the error and fix it, by following these steps.
If you have any other questions or suggestions about the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error and how to fix it leave a comment below!
Also, check our Blogs section to get more articles on the different error and their solutions.
SSL errors are common problems encountered by thousands of internet users around the world every single day. ERR_SSL_VERSION_OR_CIPHER_MISMATCH error is also one of them. Whenever users visit a web server that uses SSL and unable to establish a secure connection the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH occurs. But you shouldn’t worry about this, you are at the right place to fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
There are some workarounds you can follow to disable this problem. In this article, we are going to discuss six different methods to fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
What is The ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error?
SSL certificate is proof that the website is safe and secure by implementing proper protocols. When a website uses an SSL certificate for your website and visitor attempts to connect, the following steps take place:
If any of the steps don’t happen properly, visitors’ web browser fails to establish a secure connection with the website as a result they face the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. Usually, when the SSL certificate is outdated or too old, the protocols think that the website server is unsafe and this error message shows up. Particularly, when visitors need to provide sensitive personal information such as credit card numbers.
What Causes the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error?
The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error typically happens when a website uses an unsupported version of a protocol that has security flaws, which may be harmful to visitor’s devices. But that is not always the case. The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error can happen because of the website server-side and client-side. We will talk about the causes of this error from both sides. Let’s check out the reasons below:
Server-side issues:
Client-side issues:
How to Fix the ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error?
The ERR_SSL_VERSION_OR_CIPHER_MISMATCH error fixes are different on the server-side and the client-side. We will discuss how you can fix the error if you are the site owner or visitor. So let’s go forward____
Fix the Error from the Server-side:
If your visitors are facing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error then the following step can fix the issue:
1. Check Your SSL/TLS certificate:
If you are seeing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error, checking the site’s SSL/TLS certificate is the first and easiest place to start fixing it. You can start checking your SSL/TLS certificate using the most professional free SSL test tool by Qualys SSL Labs. To start all you have to do is type the URL of your website and hit submit. It will not take more than a couple of minutes to scan your web server.
Qualys SSL Labs examines the state of your certificates and encryption then generates a report. The report highlights the sections that need attention. It will let you know if your SSL/TLS certificate is old and needs an update. It can also inform you whether your SSL/TLS certificate is valid and trusted. If you don’t want to hide results from the public, there’s also an option to hide the results.
2. Verify Certificate for Name Mismatch:
A certificate name mismatch is one of the common causes of the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. When the domain name in the SSL certificate doesn’t match the URL in the browser, the certificate name mismatch happens. The certificate name mismatch can also occur if your domain points to an old IP address where the site no longer exists or your site uses a content delivery network (CDN) that doesn’t support SSL. Moreover, if your site does not use SSL, but shares an IP address with some other site that does, it can be the cause of the certificate name mismatch.
Luckily, this is very easy and quick to diagnose and fix the certificate name mismatch. To check for certificate name mismatch you can use Google Chrome DevTools. To start right-click anywhere on the website, then click on “Inspect”. Now, go to the “Security” tab and click on “View certificate”. This will show all the required details of the certificate. If the information doesn’t match, then there is an issue with the certificate. However, the error will not allow you to let in the Chrome DevTools. That is where a tool like SSL Labs can come in handy. SSL Labs tool can diagnose certificate name mismatch pretty quickly. It’ll also provide notification regarding the mismatch. If the mismatch occurs due to an old IP address, pointing the domain name from the old IP address to the new one should fix the issue immediately.
3. Disable RC4 cipher:
RC4 cipher is an old encryption tool, which was very simple to hack and had lots of security vulnerabilities. As it’s no longer considered safe, browsers like Microsoft Edge, Google Chrome have stopped supporting it. So, if your server still uses the RC4 cipher suite, an error may occur.
Although you may still find enterprises using the RC4 cipher suite since it takes longer to process and implement changes in a complex environment. So we recommend disabling it and configuring the server to use a different cipher suite. To verify if your server is supporting it, run the scan in SSL labs, go to the Cipher Suites section to check the RC4 cipher.
4. Use the Latest Version of TLS:
Another possible reason for ERR_SSL_VERSION_OR_CIPHER_MISMATCH error can be the TLS version running on your web server. When the TLS version running on your server is old, this error can occur. Modern browsers have also stopped supporting TLS 1.0 and TLS 1.1. So for the best SSL security and performance, you should use the TLS 1.2 or TLS 1.3 protocols.
Again, the SSL Lab tool can help with this. When you run your server check-in SSL Labs, it will show you the current version of TLS running just under the configuration section. If you find your server TLS is old, reach out to your host and ask them to update their TLS version.
Fix the Error from the Client-side:
If you are getting access to a site from one of your devices but not from another one, then the problem is on your device. Perform the following task to fix the error from your device:
1. Disable The QUIC Protocol:
QUIC (Quick UDP Internet Connections) is a Google-developed protocol that makes internet browsing faster and more efficient. It sends simple data packages via User Datagram Protocol (UDP) which speeds up web browsing. It is an excellent alternative to HTTP2, TLS/SSL, and other security protocols. However, sometimes it becomes the cause of errors, including the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.
Luckily, you can avoid the error by turning QUIC off. To turn it off, open the Google Chrome browser, type in chrome://flags into the address field, and search for “Experimental QUIC Protocol” in the search field. Now under the Experimental QUIC Protocol option, you will see that it’s set to “Default”. Change it from Default to Disabled, restart Chrome, and try loading the website again. If the error is still there, something else causes the issue so enable QUIC again.
2. Enable TLS 1.3:
Enabling TLS1.3 on your web browser can be another solution for ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. Most website browsers support TLS 1.3. If you did not update your browser or do not even want to, you can check the TLS version. If your Chrome version is less than 72 then you need to enable TLS1.3 on your web browser. For that, Open the Google Chrome browser, type chrome://flags in the address bar, search for TLS 1.3, and enable the option.
If you are using the Firefox browser, type about:config in the address bar. Click the button to accept the risk and search for TLS. Now, look for the security.tls.version.max option towards the bottom of the list and set the value to 4.
3. Clear SSL State in Browser:
We all know browsers save a cache of web pages to load it faster, just as the cache of websites your computer stores a cache of SSL certificates known as “SSL State”. Sometimes your computer SSL state stores old SSL certificates, which can cause ERR_SSL_VERSION_OR_CIPHER_MISMATCH error. So just like clearing your browser’s cache can sometimes help fix errors, clearing the SSL state in the browser can do the same.
To clear the SSL state, go to Control Panel, select Network and Internet there, click on Browser Properties in it. Choose the Content tab, hit on the Clear SSL State button, and then click OK. Now restart your browser and try opening the website that you were trying to open.
4. Delete Cache and Cookies on Your Browser:
Caching is the process of storing data so that it can load your web pages faster on your next visit. But the problem occurs when the website makes changes and the cache fails to detect that. That’s the reason deleting browser cache and cookies is the first step to fixing most of the errors.
Depending on the browser, the process of deleting cache and cookies is different. Though for most browsers CTRL+SHIFT+DELETE hotkey combination deletes the cache and cookies, we prefer to do it manually.
For that, check How to Clear the Cache in Different Browsers. Remember to uncheck some options, otherwise, you will lose saved logins and all history.
5. Turn Off Antivirus Software Temporarily:
Sometimes your anti-virus software may create a layer between your browser and the web with their own certificates which can cause the cipher mismatch error. Also, the poor configuration of your anti-virus software can cause connection security problems. To be sure that the cause of this problem is your antivirus, disable your antivirus for a few minutes or for an hour. If that fixed the issue, you know what the problem was. But if you are still seeing the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error, then your antivirus is not causing the issue.
Security protocols, software, and systems are evolving every day. So, it is always a good idea to update your operating system, browser, and software regularly. Also, makes sure your website is configured correctly, make sure your SSL certificate has no issues, and your hosting provider supports the latest protocols.
In this article, we have listed the most common solutions for the error. You should be able to find the cause of the error and fix it, by following these steps.
If you have any other questions or suggestions about the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error and how to fix it leave a comment below!
Also, check our Blogs section to get more articles on the different error and their solutions.
Sidratul Sohrat
I am Sidratul Sohrat, a dedicated content writer with a fervent passion for creating engaging and informative content related to technology, business, and marketing.